Vulnerability Database
Blog
FAQ
Docs
CVE-2020-11994
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11994
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11994.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11994
Aliases
GHSA-9vfj-5g7h-4p24
Published
2020-07-08T16:15:11Z
Modified
2024-10-12T05:40:32.196823Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS Calculator
Summary
[none]
Details
Server-Side Template Injection and arbitrary file disclosure on Camel templating components
References
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600%40%3Cannounce.tomcat.apache.org%3E
Affected packages
Git
/
github.com/apache/camel
Affected ranges
Type
GIT
Repo
https://github.com/apache/camel
Events
Last affected
70be13359da5c36189f16bd84b57db44f4315edf
Introduced
ac11f88de7594232c3c28532a19377764665ce13
Last affected
7f96e2e248cc52a8d3c5899e50bbfe71427c69d4
Introduced
363777cc93ab6072cd12d2a231c2165cbc6c0524
Last affected
83cb50cde23bda73c414a6ef1240e36cbcca77b3
Introduced
675a6149321065b076b5d9a4ba9dfc29a2e72a3d
Last affected
86f99c9d20bf27870784baaff76df5a80e929a13
Introduced
7a239b9f57f1db4e91cf8ba601fb6917efd82d39
Last affected
d373c4c321ad45a949b568d5503e80a3cc486518
Last affected
fa2a3c885e621014e1d54663b141b9f10b1299a4
Affected versions
camel-2.*
camel-2.22.0
camel-2.22.1
camel-2.22.2
camel-2.22.3
camel-2.22.4
camel-2.22.5
camel-2.23.0
camel-2.23.1
camel-2.23.2
camel-2.23.3
camel-2.23.4
camel-2.24.0
camel-2.24.1
camel-2.24.2
camel-2.24.3
camel-2.25.0
camel-2.25.1
camel-3.*
camel-3.0.0
camel-3.3.0
CVE-2020-11994 - OSV